Exam 8: Controlling Information Systems: Introduction to Pervasive Controls

Within the data center, the data control group is responsible for routing all work into and out of the data center, correcting errors, and monitoring error correction.

As an IT resource, information includes data in all their forms that are input, processed and output by information systems.

The ___________________________________logs and monitors who is on or is trying to access the network.

______________________________ is the intentional unauthorized access of an organization's computer system, accomplished by bypassing the system's access security controls.

The ___________________________________ coordinates the organizational and IT strategic planning processes and reviews and approves the strategic IT plan.

Systems documentation provides an overall description of the application, including the system's purpose; an overview of system procedures; and sample source documents, outputs, and reports.

The system of controls used in this text consists of the control environment, pervasive control plans, IT general controls, and business process (and application) control plans.

Application controls restrict access to data, programs, and documentation.

Within the data center, the data librarian function grants access to programs, data, and documentation to authorized personnel only.

The disaster recovery strategy known as a cold site is a fully equipped data center that is made available to client companies for a monthly subscriber fee.

Business continuity planning is the process that identifies events that may threaten an organization and provide a framework whereby the organization will continue to operate or resume operations with a minimum of disruption.

The function composed of people, procedures, and equipment that is typically called the information systems department, IS department, or the IT department is the information systems organization.

In a logic bomb attack, a Web site is overwhelmed by an intentional onslaught of thousands of simultaneous messages, making it impossible for the attacked site to engage in its normal activities.

Which of the following statements related to denial of service attacks is false?

Continuity is the process of using backup measures to restore lost data and resume operations.

Program documentation provides a description of an application computer program and usually includes the program's purpose, program flowcharts, and source code listings.

The ______________________________ maintains custody of and controls access to programs, files, and documentation.

A warehouse clerk manually completing an order document and forwarding it to purchasing for approval is an example of:

Access control software ensures that only authorized users gain access to a system through a process of identification and authentication.

The _________________________ describes user procedures for an application and assists the user in preparing inputs and using outputs.